random dross

Web security and beyond...

My blog has moved...

My blog has moved to randomdross.blogspot.com. Please update your RSS readers, etc.

Author: dross Date: 08/04/2014

Over the past six months or so I’ve been looking at hyperlink spoofing threats as a bit of a...

Author: dross Date: 04/26/2012

Creating XSS

I’ve seen MS10-002 pop up a few times in discussion recently. This is a reference to the...

Author: dross Date: 04/25/2012

XSS Filter Tech: Later is Better?

Arcane design decisions can have subtle but important effects on the characteristics of a security...

Author: dross Date: 12/20/2011

Enforcing Standards Mode with X-FRAME-OPTIONS

Reduced attack surface in Standards Mode is a good step forward for XSS-Focused Attack Surface...

Author: dross Date: 06/30/2011

Fuzzing for Design Bugs?

Have you ever heard someone ask “Do we need to fuzz this?” This question comes up quite...

Author: dross Date: 09/03/2010

Happy 10th birthday Cross-Site Scripting!

On the 16th of January, 2000, the following names were suggested and bounced around among a small...

Author: dross Date: 12/15/2009

Current Thoughts on DNS Rebinding

RSnake and Dan Kaminsky have been talking about session fixation via DNS Rebinding. As you may...

Author: dross Date: 11/17/2009

Thoughts on Legacy Character Sets

One of the things I have taken from the IE XSS Filter project is a healthy fear of legacy character...

Author: dross Date: 11/03/2009

Good Bug

Credit goes to Alex "Kuza55" Kouzemtchenko for identifying a weakness in the XSS Filter OBJECT tag...

Author: dross Date: 05/28/2009

The MSHTML (Trident) Host Security FAQ

I've posted a two-part FAQ addressing security considerations for apps that host MSHTML. Check it...

Author: dross Date: 04/06/2009

New webappsec tools

Chris Weber's Watcher:...

Author: dross Date: 03/25/2009

IE8 is here!

http://www.microsoft.com/ie What are you waiting for? Go get it!

Author: dross Date: 03/19/2009

XSS Filter Improvements in IE8 RC1

I've just posted detail up on the SVRD Blog about some improvements and bug fixes to the XSS Filter...

Author: dross Date: 01/30/2009

Video Roundup (Martin Johns and more!)

Recently I got Martin Johns connected with Helen Wang's group in Microsoft Research. Check out...

Author: dross Date: 01/14/2009

ABE

Giorgio Maone's new ABE project looks pretty cool. Exposing the loose and often unnecessary...

Author: dross Date: 12/20/2008

XSSDS

Björn Engelmann, Joachim Posegga, and LocalRodeo developer Martin Johns have authored an excellent...

Author: dross Date: 09/30/2008

IE8 Beta 2

If you haven’t already seen, Internet Explorer 8 Beta 2 is out – go get it! Now is a good time to...

Author: dross Date: 08/29/2008

IE 8 XSS Filter Architecture / Implementation revealed + some other news

I've just posted some detail on the Internet Explorer 8 XSS Filter Architecture / Implementation...

Author: dross Date: 08/19/2008

IE8 XSS Filter design philosophy in-depth

It's great to see some positive reaction to the potential of our XSS Filter. Now we just need to...

Author: dross Date: 07/04/2008

IE8 goes on the offensive against XSS!

IE has announced the new XSS Filter feature which will debut in IE8 Beta 2! Stay tuned to my blog in...

Author: dross Date: 07/02/2008

Lead my team!

My team (SWI React) is hiring for a lead position. Details: Job Title: Lead Software Development...

Author: dross Date: 05/17/2008

XSS-Focused Attack Surface Reduction

All web browsers expose what have been referred to as XSS “attack vectors” – various techniques that...

Author: dross Date: 03/10/2008

The Kill-Bit FAQ - Part 1 of 3 posted to SVRD blog

Check out my ActiveX Kill-Bit FAQ which is now being posted to the SVRD blog. There are three parts,...

Author: dross Date: 02/06/2008

Security Vulnerability Research & Defense blog

My team now has a blog! http://blogs.technet.com/swi/ I'll be contributing to the team blog in the...

Author: dross Date: 12/27/2007

MashupOS

The standard IFRAME-based isolation technique for web apps is starting to show its age. We need...

Author: dross Date: 09/12/2007

An innovative new defense against cross-domain vulnerabilities

Cross-domain (or “Universal XSS”) vulnerabilities have long plagued modern script-enabled web...

Author: dross Date: 08/22/2007

A group at Stanford has been researching these issues and recently published Protecting Browsers...

Author: dross Date: 08/03/2007

Notes on DNS Pinning

Christian Matthies has an excellent writeup on DNS Pinning (with diagrams!) If you're tuned into web...

Author: dross Date: 07/09/2007

Inspect Your Gadget

Michael Howard and I have written up some guidance on how to develop secure Vista Sidebar Gadgets:...

Author: dross Date: 06/26/2007

De-obfuscation using a standalone Javascript interpreter

Mark Wodrich forwarded me this Websense blog post describing how to use a standalone Javascript...

Author: dross Date: 12/08/2006

eval() and document.write(), meet Execute and ExecuteGlobal

Be on the lookout for these two VBScript statements that can be used to achieve the same effect as...

Author: dross Date: 11/16/2006

Recursive Obfuscation

Thanks to Jonathan Ness for pointing me to an example of a new obfuscation technique that attempts...

Author: dross Date: 10/05/2006

High-bit ASCII obfuscation

Here’s another new obfuscation technique I’ve seen in use on malicious web sites recently. Check out...

Author: dross Date: 10/01/2006

Code length dependent obfuscation

Wow, it’s been a long time! Hopefully I can find more time to blog over the next couple of months.In...

Author: dross Date: 09/28/2006

Analyzing Browser Based Vulnerability Exploitation Incidents

I've written up a paper that describes some useful tools/techniques for deconstructing web based...

Author: dross Date: 06/13/2005

Hello!

Hi! I'm David Ross and this is my work blog. As an engineer on the Microsoft Secure Windows...

Author: dross Date: 06/11/2005